Technology has helped to transform the healthcare sector because it enables firms tosuccessfully manage their diverse information needs. Moreover, technology has assisted in thedevelopment of agile, flexible, and scalable structures that help in accomplishing the strategicobjectives of organizations.
Healthcare organizations have been incorporating technology withthe aim of reducing workflow activities, improving service quality, and responding to the needsof their key stakeholders. However, the advent of technology has created risks and vulnerabilitiesto the networks used by healthcare organizations. The different types of threats include viruses,Trojans, malicious programs, and malicious intruders that might try to steal or alter the criticaldata of healthcare organizations. The result is the need for comprehensive cybersecuritystrategies and network security approaches that can be used for protecting and safeguarding thedata of companies from a wide range of threats. Network security should start with clear, precise,and specific goals. It should involve the complete assessment of the network at periodic intervalsin order to identify vulnerabilities. Furthermore, network security is enhanced when companiesare able to use technology and administrative practices for achieving the network security goals.
Medical record companies need to be equipped with the proper network security strategies.These strategies should focus on using technology and best administrative practices that wouldmitigate the impact of threats encountered in the network. Furthermore, it is critical that networksecurity should be continuously updated in accordance with the needs of the organization as wellas the changing threats.NETWORK SECURITYDatabases to be UsedA database management system ensures that information can be properly stored andretrieved by the organization when it is needed for performing activities. Selecting the properdatabase is an important part of the network security strategy for the medical record company.The selected database is MS Access which is a Microsoft product that offers robust performancefor the company (Peltier, 2016).
It can be used for meeting the needs of the company because ithas security features that can be integrated with the anti-virus and intrusion detection systeminstalled in the company for network security.Domain ConfigurationThe network security strategy will configure the domain in such a way that it strives toestablish rights and privileges for each user (Peltier, 2013). Furthermore, the network securityplan will focus on training the users so that they are aware about the basic security protocols. Thedomain should be configured in such a way that it is integrated with the network security strategyof the medical record company.Operating Systems for Client ComputersWindows 10 is the latest version of Microsoft Windows which should be used for theclient computers of the medical record company.
It has several types of security features thatcould play a critical role in safeguarding against different types of information security and cybersecurity threats (Peltier, 2016). It can be run on PCs, tablets, smartphones, and other computingdevices. It has a superior system that allows mouse oriented interface and touchscreen optimizedinterface to meet the needs of users. It has Windows Defender Smart Screen that preventsemployees from accessing any suspicious website over the Internet (Peltier, 2016).NETWORK SECURITYThe Windows Defender Application Guard is another built-in security feature that providesadded levels of protection to the network in the medical record company.Data Transmission RequirementsData transmission is one of the most important functions of the network security plan.The security of information across networks is a major issue that is plaguing the entire world.
The medical record company needs to develop a proper plan for ensuring that documents andinformation can be exchanged in a secure manner (Raiyn, 2014). Emails are the primary methodof communication in many firms as they help in the transmission of information. The datatransmission policy should ensure that sensitive information is not sent through this method.
Secure data transmission can be undertaken through the use of web based email services thatprovide encryption for email messages that are sent and received by the medical record company(Raiyn, 2014). This strategy will be beneficial as it will enhance the ability of the company tosafeguard and protect its networks. The medical record company should strive to use anenterprise level anti-virus system that could provide further levels of protection to the entirenetwork.
Protection of Confidential Records and AuthenticationThe process for protection of confidential records and authentication must be done bysecuring the key assets. One of the key approaches is that the servers should be providedphysical security so that they can be safe from unauthorized access. Empirical studies argue thataccidental data loss or theft occurs due to missing devices such as portable storage media,laptops, desktop computers, and hard drives taken out from the entire networks (Raiyn, 2014).
NETWORK SECURITYProperly designated areas for the servers storing the critical information are needed forthe medical records company while it is important to develop other policies for the success of theorganization. The strategy for protecting confidential records and authentication should involvethe use of proper passwords by the users. The passwords must be used in such a manner that theyare safeguarded by the individuals while the passwords must not be stolen by potential intruders.
An access control system for the medical record company should authenticate based onuser names and passwords (Alpcan & Basar, 2010). Accessibility to information for the staffshould be based on their needs and privileges. File access permissions should be set accordinglyto meet the needs of the staff members depending on their roles and privileges in the medicalrecord company. The additional role controls can be developed based on the role of the staffmember in the medical record company. Access permissions must be established based on theabove staff roles which will help to provide augmented levels of security for the company(Alpcan & Basar, 2010).
Process for Storing Information on Separate DatabasesDatabase security has been considered to be a vital goal of network security becausedatabases allow users to store and retrieve the confidential data and information of any company.The databases of the medical record company can be vulnerable to unauthorized access ormisuse by potential intruders, users, and administrators. Another threat is that of malwareinfections that can cause alteration or tampering of the critical data (Ahmad et al, 2014).Database security can be compromised by performance constraints and capacity issues as usersmight be unable to access the systems. Finally, there is always the threat the programming bugsand design flaws in specific database systems might lead to problems for the medical recordcompany (Ahmad et al, 2014).
NETWORK SECURITYThe database security strategy should focus on storing information on multiple databases.This means that backup systems should be in place for the security of the medical recordcompany. This will help to achieve the highest levels of success as the company will be able todistribute the data and ensure that proper backup measures are in place in order to ensure thesafety and integrity of the critical data (Ahmad et al, 2014).
User access rights, log management,database replication, and backups must be part of the network security strategy in the companyso that sound outcomes can be attained. The proper security policies should seek to focus onachieving long term growth and development (Ahmad et al, 2014).ConclusionA database management system ensures that information can be properly stored andretrieved by the organization when it is needed for performing activities. Selecting the properdatabase is an important part of the network security strategy for the medical record company.The selected database is MS Access which is a Microsoft product that offers robust performancefor the company. Data transmission is one of the most important functions of the networksecurity plan. The security of information across networks is a major issue that is plaguing theentire world.
The medical record company needs to develop a proper plan for ensuring thatdocuments and information can be exchanged in a secure manner. The strategy for protectingconfidential records and authentication should involve the use of proper passwords by the users.The passwords must be used in such a manner that they are safeguarded by the individuals whilethe passwords must not be stolen by potential intruders. An access control system for the medicalrecord company should authenticate based on user names and passwords. Accessibility toinformation for the staff should be based on their needs and privileges.